digital IDs: disrupt, digitalize, decentralize

By February 3, 2021 Research Publications

We have become quite comfortable with the concept of digitalisation. It is evident that we are increasingly integrating more aspects of our lives with technology, especially with COVID-19 significantly accelerating the shift towards the use of digital platforms.

The events and trends of 2020 have undeniably changed global context for payments in particular. Digital transactions averaged around 12.5 million per month through banking apps alone, and is showing no signs of slowing down. While privacy remains a concern to many people, the increased convenience that technology offers is driving more and more people to embrace it.

Among the few tech-savvy governments in the world, pioneering the digital identity space  is Estonia. It brought us Skype, the world’s first digitally signed international agreement, as well as an intricate national ID system  which allows its citizens to perform a range of services, from speedily electing politicians to filing taxes online, rather than having to go about these tasks through a more paper based process. As of today, 99% of Estonia’s public services are available to its citizens online.

Singapore also joins the ranks of Estonia. With its Smart Nation Initiative, Singapore is the first country in the world to use cloud-based facial verification — known as SingPass Face Verification— in its national identity scheme. It allows citizens to use a single digital identity to transact with both public and private sectors, enabling liquid movement of data between systems.

Could digital IDs be solving a practical problem for people by allowing them to carry out their lives more efficiently (meaning: digitally)?

However, being so plugged in means each of us leave trails of data that can be traced back to us: the passwords we use, our social lives which we document almost religiously on platforms like Facebook and Instagram, our credit scores, our shopping habits — the list goes on. All of these make up our digital identification, or digital ID. Anonymity on the Internet is thus hard to achieve.

What’s wrong with passwords?

We asked our respondents how often they would have to key in their passwords every time they open an app or any other online services. 34% did so at least 5 times or more in a single day, while numbers gradually dropped with only 4% saying they do it once. More than half (58%) have pointed out that having to remember multiple usernames with multiple passwords is the most annoying factor when logging into these services.

65% never had their data compromised. However, it was surprising to learn that 23% indicated they were never informed or are unsure if their data had been compromised. A smaller proportion (12%) who were subjected to hacks mentioned that their account login details (60%) were compromised, as compared to personal (32%) and financial (8%) data.

Tech’s biggest problem: Privacy

The issue of data privacy has rightly become a source of concern for consumers and brands alike. In the wake of repeated data-privacy scandals, over 89% are concerned by the lack of governmental regulation to protect their data. Misuse of data with dual-use technologies i.e., GPS has also been expressed as a top concern among respondents (83%).

With the pandemic driving consumers online, it is not unusual that identity and personal data protection concerns are at the top of people’s mind. More than half (54%) of respondents said they would invest in a cyber insurance that can offer protection for their identities and digital data. Companies at the cutting edge of digitalisation are more likely to trigger privacy concerns. As such, proactively managing customer privacy is especially important.

Experience first, security next

Seamless user experience was chosen as the biggest upside of digital ID by half of the respondents who have placed high importance on good digital experience. From the debate of privacy vs control in test & trace apps, to tackling disinformation online — appropriately designed identity solutions are key in the digital age. However, only about a quarter (23%) feel that digital ID can reduce online fraud, protect users, and ensure that their information remains safe.

On the subject of security, it seems the creation of a secure digital ID needs to be done by an entity that is trusted by consumers. When asked about the type of organisation they’re most likely to have confidence in creating a digital ID for global adoption, majority (82%) indicated the government as their top choice. This was followed by banks (11%), while private tech entities such as Google, Facebook, Apple, etc., and local telcos made up less than 10%.

Biometrics are winning

Respondents’ top choices pointed towards the use of biometrics i.e., fingerprints (50%), followed by facial recognition (38%), and retina/iris recognition (30%) when asked about their preferred mode of authentication for their digital IDs. This isn’t surprising, as biometric authentication has already become mainstream since tech giants have incorporated the technology into our smartphones.

Physical tokens were widely used in the past decade as a two-factor authentication mode to enhance security. It has, however, seen low usage over the last few years as biometrics have become the gold standard for online protection. Only 17% of respondents still consider tokens to be a valuable mode of digital authentication. Thanks to mobile apps, the OneKey calculator-like tokens that were previously used to access SingPass will be discontinued from 1 April 2021.

We have a sharing problem

Data privacy proves to still be a concern as 31% of respondents indicated they are unwilling to share any form of digital data, even with authorized organisations. As little as 9% are willing to share the content of their emails to authorised persons, and this is only after the identities of their correspondents are redacted. Other content-related data that are visible in search histories (18%), downloaded files (19%) and online chatrooms (19%) faired quite low in terms of access.

Move to unlock

We have also seen an explosion of new technologies built on passive behavioural authentication. Think your digital assistants like Siri, Alexa, which allows access to many functions just by personalised voice commands.

Naturally, we wanted to know how our respondents would feel about being authenticated by a combination of factors, like the way they walk, how they type, etc. More people think it would not be a good thing, with 57% of them saying they are uncomfortable with not having a password as a mode of verification. A quarter are worried about falling victim to identity fraud, while about a fifth are concerned about the misuse of data.

On the other hand, 43% were agreeable to having their identities validated by methods other than passwords, with nearly half saying this would remove the stress of having to remember multiple username and password combinations.

It seems that while Singapore is considered to be very advanced in its use of technologies, citizens still need more convincing to get on board to a more personalized, fluid, and reliable (user) experience.

Final note

It is amazing how times change and how technology keeps evolving. The reality is the signs all point to a new generation that wants things quicker but are also very conscious of their data and what is being done with it. How the citizens want to deal with their government and the public and private sector is changing. This is driven by the possibilities opened up by decentralised technologies like blockchain or cryptography, leveraging and advocating for more use in protecting people’s data. The ability for platform players to seamlessly integrate our online and offline activities would be the next step to being truly ubiquitous in our lives.

. . .

We ran a survey to understand consumer attitudes towards trusted digital identities, security and authentication – how they have been and will be a key part of our online user experience, including their issues and limitations. The survey compiled answers from 217 respondents, comprising a mix of ages, genders, ethnicities and education backgrounds to represent the Singapore population.

Leave a Reply